urlscan.io logo urlscan.io
SecurityTrails logo

giftprepaid.mastercard.com Open in urlscan Pro
216.119.218.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://giftprepaid.mastercard.com/
Effective URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Submission: On June 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 216.119.218.174, located in United States and belongs to MASTER-7-AS, US. The main domain is giftprepaid.mastercard.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 13th 2024. Valid for: a year.
This is the only time giftprepaid.mastercard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 216.119.218.174 26380 (MASTER-7-AS)
2 216.58.212.164 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
27 5
15    216.119.218.174 (United States)

ASN26380 (MASTER-7-AS, US)
PTR: sainsburysbank.cashpassport.com
giftprepaid.mastercard.com
2    216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f164.1e100.net
www.google.com
10    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
Apex Domain
Subdomains		 Transfer
15 mastercard.com
giftprepaid.mastercard.com
262 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 378
191 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
2 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 653
295 B
1 gstatic.com
www.gstatic.com
213 KB
27 5
Domain Requested by
15 giftprepaid.mastercard.com 2 redirects giftprepaid.mastercard.com
10 cdn.cookielaw.org giftprepaid.mastercard.com
cdn.cookielaw.org
2 www.google.com giftprepaid.mastercard.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.gstatic.com www.google.com
27 5

This site contains links to these domains. Also see Links.

Domain
www.onetrust.com
Subject Issuer Validity Valid
giftprepaid.mastercard.com
Entrust Certification Authority - L1K		 2024-06-13 -
2025-07-13		 a year crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Frame ID: 49044C4540782C28D0AB0B0783CE4440
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Israel Post Gift Card| My Account | Register or login

Page URL History Show full URLs

  1. http://giftprepaid.mastercard.com/ HTTP 307
    https://giftprepaid.mastercard.com/ HTTP 302
    https://giftprepaid.mastercard.com/myaccount/ HTTP 302
    https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

664 kB
Transfer

1972 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://giftprepaid.mastercard.com/ HTTP 307
    https://giftprepaid.mastercard.com/ HTTP 302
    https://giftprepaid.mastercard.com/myaccount/ HTTP 302
    https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register-card
giftprepaid.mastercard.com/
Redirect Chain
  • http://giftprepaid.mastercard.com/
  • https://giftprepaid.mastercard.com/
  • https://giftprepaid.mastercard.com/myaccount/
  • https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
46 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
f32e91fbc09bf293b5577d57de7a35314bcce59672e152bcec4b04532fe8bc1c
Security Headers
Name Value
Content-Security-Policy style-src *.edentiti.com *.optimizely.com cloud.typography.com smetrics.mastercard.com fonts.googleapis.com ajax.aspnetcdn.com hello.myfonts.net fast.fonts.net use.typekit.net 'unsafe-inline' 'self'; script-src *.cookielaw.org *.demdex.net smetrics.mastercard.com *.edentiti.com ipac.ctnsnet.com *.optimizely.com *.auspost.com.au *.omtrdc.net *.demdex.net *.effectivemeasure.net assets.adobedtm.com d3b3ehuo35wzeh.cloudfront.net *.fullstory.com www.google.com www.gstatic.com www.googleadservices.com connect.facebook.net app.rejoiner.com pixel.mathtag.com *.taboola.com benchtag.co www.googletagmanager.com *.rfihub.net *.serving-sys.com s3.amazonaws.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com use.typekit.net api-mastercard-mpms.nd.nudatasecurity.com ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src * 'self'; img-src *.mastercard.com *.mastercard.us *.cookielaw.org *.optimizely.com s.effectivemeasure.net *.auspost.com.au *.facebook.com load.s3.amazonaws.com *.openx.net *.bluekai.com *.adnxs.com *.exelator.com smetrics.mastercard.com *.casalemedia.com *.pubmatic.com *.360yield.com *.btrll.com *.twitter.com *.mathtag.com *.taboola.com *.g.doubleclick.net app.rejoiner.com www.google.com www.google.com.au www.googleadservices.com www.gravatar.com www.google-analytics.com p.typekit.net ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:; font-src fonts.gstatic.com use.typekit.net 'unsafe-inline' data: * 'self'; default-src *.cookielaw.org smetrics.mastercard.com *.onetrust.com *.demdex.net *.optimizely.com 'self' data:; media-src * ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Length
11765
Content-Security-Policy
style-src *.edentiti.com *.optimizely.com cloud.typography.com smetrics.mastercard.com fonts.googleapis.com ajax.aspnetcdn.com hello.myfonts.net fast.fonts.net use.typekit.net 'unsafe-inline' 'self'; script-src *.cookielaw.org *.demdex.net smetrics.mastercard.com *.edentiti.com ipac.ctnsnet.com *.optimizely.com *.auspost.com.au *.omtrdc.net *.demdex.net *.effectivemeasure.net assets.adobedtm.com d3b3ehuo35wzeh.cloudfront.net *.fullstory.com www.google.com www.gstatic.com www.googleadservices.com connect.facebook.net app.rejoiner.com pixel.mathtag.com *.taboola.com benchtag.co www.googletagmanager.com *.rfihub.net *.serving-sys.com s3.amazonaws.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com use.typekit.net api-mastercard-mpms.nd.nudatasecurity.com ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src * 'self'; img-src *.mastercard.com *.mastercard.us *.cookielaw.org *.optimizely.com s.effectivemeasure.net *.auspost.com.au *.facebook.com load.s3.amazonaws.com *.openx.net *.bluekai.com *.adnxs.com *.exelator.com smetrics.mastercard.com *.casalemedia.com *.pubmatic.com *.360yield.com *.btrll.com *.twitter.com *.mathtag.com *.taboola.com *.g.doubleclick.net app.rejoiner.com www.google.com www.google.com.au www.googleadservices.com www.gravatar.com www.google-analytics.com p.typekit.net ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:; font-src fonts.gstatic.com use.typekit.net 'unsafe-inline' data: * 'self'; default-src *.cookielaw.org smetrics.mastercard.com *.onetrust.com *.demdex.net *.optimizely.com 'self' data:; media-src * ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Jun 2024 17:59:44 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1;mode=block

Redirect headers

Cache-Control
private
Content-Security-Policy
style-src *.edentiti.com *.optimizely.com cloud.typography.com smetrics.mastercard.com fonts.googleapis.com ajax.aspnetcdn.com hello.myfonts.net fast.fonts.net use.typekit.net 'unsafe-inline' 'self'; script-src *.cookielaw.org *.demdex.net smetrics.mastercard.com *.edentiti.com ipac.ctnsnet.com *.optimizely.com *.auspost.com.au *.omtrdc.net *.demdex.net *.effectivemeasure.net assets.adobedtm.com d3b3ehuo35wzeh.cloudfront.net *.fullstory.com www.google.com www.gstatic.com www.googleadservices.com connect.facebook.net app.rejoiner.com pixel.mathtag.com *.taboola.com benchtag.co www.googletagmanager.com *.rfihub.net *.serving-sys.com s3.amazonaws.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com use.typekit.net api-mastercard-mpms.nd.nudatasecurity.com ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src * 'self'; img-src *.mastercard.com *.mastercard.us *.cookielaw.org *.optimizely.com s.effectivemeasure.net *.auspost.com.au *.facebook.com load.s3.amazonaws.com *.openx.net *.bluekai.com *.adnxs.com *.exelator.com smetrics.mastercard.com *.casalemedia.com *.pubmatic.com *.360yield.com *.btrll.com *.twitter.com *.mathtag.com *.taboola.com *.g.doubleclick.net app.rejoiner.com www.google.com www.google.com.au www.googleadservices.com www.gravatar.com www.google-analytics.com p.typekit.net ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:; font-src fonts.gstatic.com use.typekit.net 'unsafe-inline' data: * 'self'; default-src *.cookielaw.org smetrics.mastercard.com *.onetrust.com *.demdex.net *.optimizely.com 'self' data:; media-src * ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:;
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Jun 2024 17:59:44 GMT
Location
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1;mode=block
main.css
giftprepaid.mastercard.com/themes/GiftCards/css/ 		119 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/css/main.css?v=1.0.8902.17024
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
3b6060c030f9f26aa3b551f8f43939b13095ffa9dfd4c1a2a44315246729f711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:44 GMT
Last-Modified
Mon, 26 Feb 2024 22:17:04 GMT
ETag
"0b0e686169da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
18618
X-XSS-Protection
1;mode=block
israelpostoverride-gift.css
giftprepaid.mastercard.com/media/228115/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/media/228115/israelpostoverride-gift.css
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
5e70046b9b15bc27a865b62e28bfd025c5497bfd6be7127524182f74960b323b
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 28 May 2021 08:24:06 GMT
Date
Sat, 29 Jun 2024 17:59:44 GMT
ETag
"1afd48d39a53d71:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1042
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 17:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:59:46 GMT
jquery-3.6.0.min.js
giftprepaid.mastercard.com/themes/CPP-Base/scripts/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/CPP-Base/scripts/jquery-3.6.0.min.js?v=1.0.8902.17024
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Sun, 06 Aug 2023 17:47:22 GMT
ETag
"07168d8ec8d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
30982
X-XSS-Protection
1;mode=block
angular.min.js
giftprepaid.mastercard.com/scripts/ 		164 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/scripts/angular.min.js?v=1.0.8902.17024
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
64e327b8fae7a4714dd9b5205e2e665f513baa4ea29d642d1864e78ecf9745da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Wed, 17 Aug 2022 14:30:42 GMT
ETag
"0d5d3ed45b2d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
58736
X-XSS-Protection
1;mode=block
angular-messages.min.js
giftprepaid.mastercard.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/scripts/angular-messages.min.js?v=1.0.8902.17024
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
7d3a06eec2af5172c323d5a496c365aabca93974f92f691be6d3f6e6517d70dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Wed, 17 Aug 2022 14:30:42 GMT
ETag
"0d5d3ed45b2d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1471
X-XSS-Protection
1;mode=block
angular-recaptcha.js
giftprepaid.mastercard.com/themes/GiftCards/scripts/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/scripts/angular-recaptcha.js?v=1.0.8902.17024
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
35720c2e2492e2e8d498ec590595e47acbdbeaddd2c387c5a880a60d445b514f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Sun, 06 Aug 2023 17:36:30 GMT
ETag
"023c9888cc8d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3258
X-XSS-Protection
1;mode=block
app.js
giftprepaid.mastercard.com/themes/GiftCards/scripts/ 		181 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/scripts/app.js?v=1.0.8902.17024
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
2cf486d46db4a80b959429854fa5439f2c9a83afdf707b8520f204f3ad9d1692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Wed, 15 May 2024 17:27:40 GMT
ETag
"0cec82feda6da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
21262
X-XSS-Protection
1;mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ceCldLDyZN6bSQL6yyKLMg==
age
615
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 19:49:58 GMT
server
cloudflare
etag
0x8DC96E2535B2336
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c2b7048-201e-007d-6875-c90f42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff1cf4b91e9-FRA
140x50.jpg
giftprepaid.mastercard.com/media/228096/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giftprepaid.mastercard.com/media/228096/140x50.jpg
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
f5f357efdc555f345793169bad3f74fc45c7e429ea7cbba389db4df2c0ba42dd
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Sat, 08 May 2021 08:13:27 GMT
ETag
"2d7c2f6e243d71:0"
X-Frame-Options
DENY
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4348
X-XSS-Protection
1; mode=block
567692_il_israel_post_giftcardplus_ils_card_r4_338x230px.png
giftprepaid.mastercard.com/media/228124/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giftprepaid.mastercard.com/media/228124/567692_il_israel_post_giftcardplus_ils_card_r4_338x230px.png
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
2c3b869d0bcf3bd4fc283f7c9c0ca48d7e1261dd740903ebfd5229ddf958c70f
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Fri, 18 Jun 2021 03:34:19 GMT
ETag
"6754bd2f263d71:0"
X-Frame-Options
DENY
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
89884
X-XSS-Protection
1; mode=block
513f08f8-f498-4f9b-9b01-e9388016ced8.json
cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/513f08f8-f498-4f9b-9b01-e9388016ced8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7338cc47d1da5904b39eb37fafd697936554a23f28c999fc471007b4112fbb86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
23562
content-md5
pNZ94y0+0bvlwaIYGhGQIw==
content-length
2600
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 10:18:05 GMT
server
cloudflare
etag
0x8DC2D463C1B60AE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a70f2089-401e-003e-34b8-7baefc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff4dcf018d3-FRA
expires
Sun, 30 Jun 2024 17:59:46 GMT
/
giftprepaid.mastercard.com/giftprepaid.mastercard.com/tcwnucaptcha/2.2/w/w-880607/sync/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/giftprepaid.mastercard.com/tcwnucaptcha/2.2/w/w-880607/sync/js/
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sat, 29 Jun 2024 17:59:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=100
Content-Length
196
X-XSS-Protection
1;mode=block
api.js
www.google.com/recaptcha/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/themes/GiftCards/scripts/angular-recaptcha.js?v=1.0.8902.17024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
01ba3edde179a5295934c0b889fec91dd39e1c1d2c815f4267f82c48e0479112
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 17:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 29 Jun 2024 17:59:46 GMT
question-mark-white.svg
giftprepaid.mastercard.com/themes/GiftCards/images/ 		1016 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://giftprepaid.mastercard.com/themes/GiftCards/images/question-mark-white.svg
Requested by
Host: giftprepaid.mastercard.com
URL: https://giftprepaid.mastercard.com/themes/GiftCards/css/main.css?v=1.0.8902.17024
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
0db1a5922723968cc17455fc2ce914de73a24bb494e5d6a718e84aea9e672b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/themes/GiftCards/css/main.css?v=1.0.8902.17024
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sat, 29 Jun 2024 17:59:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Aug 2023 17:36:30 GMT
ETag
"023c9888cc8d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1016
X-XSS-Protection
1;mode=block
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Origin
https://giftprepaid.mastercard.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 19:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jun 2025 19:57:26 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept
application/json
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 17:59:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
89b7cff5ed0e972c-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.2.0/ 		430 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ekgyiOgvSPjNzcyXVUS11Q==
age
10149
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106739
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:28 GMT
server
cloudflare
etag
0x8DC3E996ED117D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff64eb691e9-FRA
en.json
cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/bc978b01-495e-4c98-9824-7cf6f41e3ff0/ 		134 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/513f08f8-f498-4f9b-9b01-e9388016ced8/bc978b01-495e-4c98-9824-7cf6f41e3ff0/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41bfd212d7f3ebd6f1eca604d37cc89563db4d0e6b34bf56025a9fe72621e22e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20865
content-md5
h4POxfo95BH0rlg7XG4K6A==
content-length
26535
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 10:18:27 GMT
server
cloudflare
etag
0x8DC2D4649174E8D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
10068efa-901e-002d-732f-5f8af0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff7189c18d3-FRA
expires
Sun, 30 Jun 2024 17:59:47 GMT
favicon.ico
giftprepaid.mastercard.com/media/227923/ 		5 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://giftprepaid.mastercard.com/media/227923/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.174 , United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
sainsburysbank.cashpassport.com
Software
/
Resource Hash
bc5e915bab46a4e2668b24da55c70feb9f0ce368c02bd1f1cc79420c195ea738
Security Headers
Name Value
Content-Security-Policy style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
style-src ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.serving-sys.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.vixverify.com *.edentiti.com 'self'; img-src www.gravatar.com www.google-analytics.com 'self' data:; font-src 'self'; default-src 'self';
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Sat, 29 Jun 2024 17:59:45 GMT
Last-Modified
Mon, 15 Jun 2020 11:48:10 GMT
ETag
"65e513d8a43d61:0"
X-Frame-Options
DENY
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
5430
X-XSS-Protection
1; mode=block
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Mxz2n732zKhkPcAbb+5oGw==
age
33464
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:22 GMT
server
cloudflare
etag
0x8DC3E996B0055CE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
75e9da7c-801e-0092-6a92-a0d6df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff7994018d3-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/ 		63 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+VcLy0Fhvi3ZWKBwz9NNzQ==
age
1058
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13587
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:24 GMT
server
cloudflare
etag
0x8DC3E996C0939E8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
db97bf4e-f01e-002b-4dcf-70b94f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff7994318d3-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
30763
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
872b0719-801e-0038-1cd2-9b0030000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
89b7cff7994818d3-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
18162
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 19:50:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7f1a112f-001e-00e2-10e7-c877f8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
89b7cff82a0918d3-FRA
MicrosoftTeams-image.png
cdn.cookielaw.org/logos/1df3f1e6-52a6-46c4-b5a1-0e035b09a859/13fcc13d-4d31-4d8f-8ff2-36a6ae506a70/910baba8-ba5c-44b7-b61d-3d9c697bede5/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/1df3f1e6-52a6-46c4-b5a1-0e035b09a859/13fcc13d-4d31-4d8f-8ff2-36a6ae506a70/910baba8-ba5c-44b7-b61d-3d9c697bede5/MicrosoftTeams-image.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10093f0ee507eae35e46a2ebce9f933841464f274cb782d8066e2f01735b4995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YsPa/NN61DiHrQPq6iAFeQ==
age
61792
content-length
27570
x-ms-lease-status
unlocked
last-modified
Tue, 17 Jan 2023 07:58:20 GMT
server
cloudflare
etag
0x8DAF86099A081A7
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a9e8c7a2-d01e-0003-3e08-7cd8e7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
89b7cff8396991e9-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://giftprepaid.mastercard.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 29 Jun 2024 17:59:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
6559
x-ms-lease-status
unlocked
last-modified
Thu, 27 Jun 2024 19:50:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fae89d25-501e-0014-6c8e-c950ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
89b7cff8397091e9-FRA

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| angular object| gc function| __extends object| OneTrustStub function| OptanonWrapper object| page_url string| urlparam object| urlSplit function| setCookieUser number| captchaMaxFailedAttempts object| ndsapi object| di object| vcRecaptchaApiLoadedCallback function| vcRecaptchaApiLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| recaptcha object| Optanon object| OneTrust

6 Cookies

Domain/Path Name / Value
.giftprepaid.mastercard.com/israelpost-gift Name: OptanonConsent
Value: hosts=&datestamp=Sat+Jun+29+2024+19%3A59%3A47+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202401.2.0
giftprepaid.mastercard.com/ Name: ASP.NET_SessionId
Value: a1x5fgenuniodxdzkjr5h0cs
giftprepaid.mastercard.com/ Name: LanguageCookie
Value: en-US
giftprepaid.mastercard.com/ Name: BIGipServerjapan-ecomm-https-pool
Value: !QWvO6tr/fE2clRQ5YmoqryHwQf04ECilvHcY5iDM6+D7M55xc7+ev+zRRVXXrGS/x24AGQvu8NgEf1s=
giftprepaid.mastercard.com/ Name: TS0110f040
Value: 01772feb4b7396c95d43aa27908671eb92d8d6c0b8ac4a4617b60db049cf34866553d0016cc8f94a7b09a31fd5f13f3d9ef565d08a5cf1a622bb2a6132d94c929bdfa2d2052eb27ebb735c5feb1f80229359af4f9e44232d5e82c177dad9a7d8f80e62c219
giftprepaid.mastercard.com/ Name: ILBSESSION
Value: !nVV+DAJJkuHDIcgeYyRK81V1IZ11Yt8N3nMrQsX0PltB33BudjVtoOozDAyjJ19xFifXpq8oeyNcsg==

10 Console Messages

Source Level URL
Text
recommendation warning URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Found 2 elements with non-unique id #CaptchaSession: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Found 2 elements with non-unique id #clientId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Found 2 elements with non-unique id #isCaptchaEnabled: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Found 2 elements with non-unique id #nds-pmd: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://giftprepaid.mastercard.com/giftprepaid.mastercard.com/tcwnucaptcha/2.2/w/w-880607/sync/js/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
Refused to execute script from 'https://giftprepaid.mastercard.com/giftprepaid.mastercard.com/tcwnucaptcha/2.2/w/w-880607/sync/js/' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
Refused to execute script from 'https://giftprepaid.mastercard.com/giftprepaid.mastercard.com/tcwnucaptcha/2.2/w/w-880607/sync/js/' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
recommendation verbose URL: https://giftprepaid.mastercard.com/register-card?login=true&returnurl=%2fmyaccount%2f
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src *.edentiti.com *.optimizely.com cloud.typography.com smetrics.mastercard.com fonts.googleapis.com ajax.aspnetcdn.com hello.myfonts.net fast.fonts.net use.typekit.net 'unsafe-inline' 'self'; script-src *.cookielaw.org *.demdex.net smetrics.mastercard.com *.edentiti.com ipac.ctnsnet.com *.optimizely.com *.auspost.com.au *.omtrdc.net *.demdex.net *.effectivemeasure.net assets.adobedtm.com d3b3ehuo35wzeh.cloudfront.net *.fullstory.com www.google.com www.gstatic.com www.googleadservices.com connect.facebook.net app.rejoiner.com pixel.mathtag.com *.taboola.com benchtag.co www.googletagmanager.com *.rfihub.net *.serving-sys.com s3.amazonaws.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com ajax.aspnetcdn.com use.typekit.net api-mastercard-mpms.nd.nudatasecurity.com ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src * 'self'; img-src *.mastercard.com *.mastercard.us *.cookielaw.org *.optimizely.com s.effectivemeasure.net *.auspost.com.au *.facebook.com load.s3.amazonaws.com *.openx.net *.bluekai.com *.adnxs.com *.exelator.com smetrics.mastercard.com *.casalemedia.com *.pubmatic.com *.360yield.com *.btrll.com *.twitter.com *.mathtag.com *.taboola.com *.g.doubleclick.net app.rejoiner.com www.google.com www.google.com.au www.googleadservices.com www.gravatar.com www.google-analytics.com p.typekit.net ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:; font-src fonts.gstatic.com use.typekit.net 'unsafe-inline' data: * 'self'; default-src *.cookielaw.org smetrics.mastercard.com *.onetrust.com *.demdex.net *.optimizely.com 'self' data:; media-src * ndapi-us-east-1.ndsprod.nudatasecurity.com 'self' data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
giftprepaid.mastercard.com
www.google.com
www.gstatic.com
216.119.218.174
216.58.212.164
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a00:1450:4001:831::2003
01ba3edde179a5295934c0b889fec91dd39e1c1d2c815f4267f82c48e0479112
022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0db1a5922723968cc17455fc2ce914de73a24bb494e5d6a718e84aea9e672b38
10093f0ee507eae35e46a2ebce9f933841464f274cb782d8066e2f01735b4995
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2c3b869d0bcf3bd4fc283f7c9c0ca48d7e1261dd740903ebfd5229ddf958c70f
2cf486d46db4a80b959429854fa5439f2c9a83afdf707b8520f204f3ad9d1692
35720c2e2492e2e8d498ec590595e47acbdbeaddd2c387c5a880a60d445b514f
3b6060c030f9f26aa3b551f8f43939b13095ffa9dfd4c1a2a44315246729f711
41bfd212d7f3ebd6f1eca604d37cc89563db4d0e6b34bf56025a9fe72621e22e
5e70046b9b15bc27a865b62e28bfd025c5497bfd6be7127524182f74960b323b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
64e327b8fae7a4714dd9b5205e2e665f513baa4ea29d642d1864e78ecf9745da
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7338cc47d1da5904b39eb37fafd697936554a23f28c999fc471007b4112fbb86
7d3a06eec2af5172c323d5a496c365aabca93974f92f691be6d3f6e6517d70dd
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
bc5e915bab46a4e2668b24da55c70feb9f0ce368c02bd1f1cc79420c195ea738
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f32e91fbc09bf293b5577d57de7a35314bcce59672e152bcec4b04532fe8bc1c
f5f357efdc555f345793169bad3f74fc45c7e429ea7cbba389db4df2c0ba42dd